Using the Root Account on Debian

There is one user account on your Debian system that has the power to change anything: the root account. By power, I mean absolute power. The root user account can read, replace, or remove any file. It can read or write to any attached device. It can read or write to any part of the computer's memory. If there's even a mere suspicion that a piece of software is buggy or poses a security risk, there's no way you should run it as root.

Because of the power of the root account, sensible system administrators take a good deal of care when using it. The best rule of thumb is to do only the bare minimum of operations as root. Different users take different views on how to minimize root usage. Increasingly, Unix-like operating systems take the approach of going as far as to disable the root account and to use privilege-gaining tools such as sudo to give normal users the ability to run programs as the root user when required.

This article introduces using sudo to restrict superuser privileges. It is a good idea for you to get used to sudo now, as the rest of this series will use it wherever you need root access to perform a task.

Running Commands As root

There are several ways to access the root account. The first is simply to log in to the machine's console as the root user. In normal operation, this is a bad idea, as it tends to encourage excessive use of the root account. However, when in single user mode for repair tasks, it's perfectly acceptable.

In normal operation, a user logs in to the system under his or her own account and wants to become root in order to run privileged commands. The su program lets you do this. The following example shows what happens when you use su to become root.

Switching to the root account

user@host:~$ su -
Password:
enter root's password here
host:~#

You can use su to switch to any user's account by giving his or her username (and knowing the right password!).

The example shows the normal Debian command-line prompts in full, to show how they change when root successfully logs in. To save space in the future, I will normally use only the $ prompt to denote the use of a normal user account and # to denote a root login.

The hyphen argument (-) to su instructs it to behave as if root had logged in on the console, so that it executes whatever shell customizations are set up. The root user has the home directory /root by default, and using su - will place you in that directory. Terminate the root session by exiting the shell with Ctrl-D or exit.

Using su to start a root shell session is almost as tempting for bad habits as a console login, however. Although you can give the --command option to su to execute a single command, rather than entire shell, retyping root's password each time becomes tiresome. Furthermore, using su means that you have to share the root password with anyone else who wants to run a program as root. Additionally, you can't restrict what those users can do as root. It may well be that you want them to run only one or two commands that require root privileges, not have dominion over your entire system.

The sudo program provides a solution to these problems and allows a more flexible and controllable approach to regulating root privileges. Install it by becoming root conventionally with su and using the aptitude package manager to install the software. An upcoming column in this series will explain fully how to install the software.

$ su -
# aptitude install sudo

After installing sudo, you must give your normal user account full privileges. To do this, run the visudo command as root. This will start up a text editor showing sudo's configuration file. Find the line reading root ALL=(ALL) ALL and copy it, substituting your username for root. Write out the file and quit the text editor.

The cautionary notice is shown only the first time you run sudo.

Now, quit the root login and log in to your regular user account. To test your new privileges, run whoami both with and without sudo.

$ whoami
username
$ sudo whoami
We trust you have received the usual lecture from the local system
administrator. It usually boils down to these two things:
1. Respect the privacy of others.
2. Think before you type.
Password:
here, enter your own password
root

From now on, you can prefix all commands that you need to run as root with sudo and just use your own password. If you use sudo again within 15 minutes, you won't need to reenter the password. If you add your user to the sudo group, you need never enter your password to use sudo. Assign this privilege with extreme care!